1 / 45

Viruses and Spyware

Viruses and Spyware. What is a Virus?. A virus can be defined as a computer program that can reproduce by changing other programs to include a copy of itself. . It is a parasite program, needing another program to survive. . For our purposes, that program is Microsoft Windows.

Sophia
Download Presentation

Viruses and Spyware

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Viruses and Spyware

  2. What is a Virus? • A virus can be defined as a computer program that can reproduce by changing other programs to include a copy of itself. • It is a parasite program, needing another program to survive. • For our purposes, that program is Microsoft Windows

  3. How many viruses are out there? • Many. http://securityresponse.symantec.com/avcenter/vinfodb.html

  4. Yale’s Network • Our network is particularly vulnerable

  5. Yale’s Network • We are not a closed corporate network • We have a federated IT structure • We have STUDENTS

  6. How is the Library protected? • Norton Antivirus updated daily • Microsoft Security Patches

  7. Norton Antivirus • Constantly scans system files for viruses. Does this in “real time” • New virus definitions are delivered when needed.

  8. Norton Antivirus • Norton is REACTIVE not PROACTIVE • This means that only known viruses can be caught • There have been several times where something originates here at Yale or at another university before Norton finds it. • Norton cannot a stop virus in this case

  9. Norton Antivirus • Norton also does not necessarily remove the virus from the machine. • It will block access to it, but if a machine is open to the exploit, there still is the chance it will be successfully executed

  10. How can I tell if I have a problem with Norton? • Normal Norton Shield • Red cross through Shield • Yellow exclamation point

  11. Norton Antivirus • What do they mean? • Realtime protection not active • Norton Antivirus services not loaded • Both are not good

  12. Norton Antivirus other problems • Virus Definitions are not recent (several weeks old) • No shield at all • Not updating every day • Hands on

  13. When Norton catches a virus • A window pops up. What this window says is very important

  14. When Norton catches a virus • This is good

  15. When Norton catches a virus • This is bad

  16. When Norton catches a virus • So long as your computer says “quarantine succeeded”, the virus has been caught. If it says anything else, contact W&WS immediately.

  17. When Norton catches a virus • Norton does not delete it but“quarantines” it. • Goes back to a time when viruses infected legitimate documents • Generally no longer the case. Viruses are no longer worth keeping. If Norton catches it, they already know about it

  18. Clearing the Quarantine • As a result, as viruses are caught on your computer they fill up the quarantine. • This leads to annoying messages asking you to try and “fix” the files • This is useless. You cannot fix a modern virus. We should just clear out the quarantine. This is how:

  19. Clearing the Quarantine

  20. Clearing the quarantine

  21. Clearing the quarantine

  22. Clearing the quarantine

  23. Virus transmission • Most common methods: • Executed by someone clicking on an email attachment. • Automatically through a network via security holes/flaws

  24. Virus transmission • How do we stop them? • well…

  25. Email Messages • Email viruses are a fact of life, and there is little that you can do at the computer end to stop them. (Do not filter at the computer!) • Be suspicious of email attachments from unknown sources.

  26. Email Messages • Do not set your email program to "auto-run" attachments. We have ITS renaming files so that people have to go through several steps to open attachments. This reduces the likelihood of “accidentally “ clicking on an attachment.

  27. Virus transmission • Verify that attachments have been sent by the author of the email. Newer viruses can send email messages that APPEAR to be from people you know.

  28. Virus transmission • Speaking of which….

  29. Email messages • Email headers can be forged. • This means that the person in the “from” address did NOT send the email virus. • The virus simply picks and chooses two random addresses from your computer and sends it

  30. Email messages • Just because a virus arrives with someone’s name attached to it. This does not mean that they have a virus.

  31. Forged header example

  32. Virus transmission • Viruses exploit security flaws within Windows • Almost all of these flaws are public knowledge with an available fix • Viruses exploit security flaws within Windows

  33. Virus transmission • Virus infections are preventable via patching • Case in point:

  34. Virus transmission • The Sasser worm exploits a hole in Windows that was patched on April 13, 2004. • The Sasser worm started making it’s rounds on April 30th. • People had 17 days to patch their machines.

  35. Virus transmission • As a result of patching all of our machines, the Library did not have a single computer found with the Sasser Worm.

  36. Software Update Services • This is a result of Software Update Services. • This is an automated, centrally managed service that allows automatic application of patches on Yale Library workstations

  37. Software Update Services • What you need to know

  38. Software Update Services • This globe indicates that the updates have been automatically sent to your computer

  39. Software Update Services • Because Library users are administrators on their machines, users can override this.

  40. Software Update Services • Tell your users to click YES when this window appears

  41. Software Update Services • Tasks for expert users • Make sure computers are turned on frequently. • If people are away, please make sure their workstations are turned on regularly. Login is not necessary

  42. Spyware: What is it? • Spyware is deceptive software, which promises you a feature or utility in return for secretly tracking your web surfing habits for advertising purposes.

  43. Spyware • Why Spyware is bad: It is annoying • It is network intensive • Violates your privacy • Violates Yale’s ‘privacy’ (can monitor ALL your network traffic) • It is a possible security risk (redirects)

  44. How do I tell if I have spyware? • 5 Signs: Extra system tray icons Extra toolbars in Internet Explorer Redirected home page Popups ALL the time S L O W Computer

  45. How do I remove spyware Sometimes even the uninstallers are deceptive The best way: Spyware removal tools We use Spybot Search and Destroy

More Related